As with any applications that access data in a networked environment, sensitive data is transmitted as applications interact. Although much of this risk should be addressed by standard network security techniques, there are some Analyzer-specific issues you should consider:
Use flat files for creating data sets: Using flat files with Analyzer eliminates connections to live applications and data, and the risk associated with sharing application access information. It also provides more control over the scope of data available to Analyzer. For more information about using flat files, see Section 3.3, Creating a Flat File Profile.
Audit application interactions: When using application connections with Analyzer, you should use Analyzer’s auditing capabilities to track events between Analyzer and the application. For more information about auditing, see Section 3.11, Auditing and Reporting.
Local driver connections are not encrypted: When you use local drivers instead of the Remote Loader, be aware that the connections used by the local driver are not encrypted. This might render usernames and passwords visible on the wire. Because of this, you should use temporary user accounts and passwords, and restrict the rights of these temporary accounts as much as possible to limit the risk of this data being intercepted.
IDS Trace displays passwords in clear text: Currently, the IDS Trace feature in Analyzer does not obfuscate passwords in its trace files. Because of this, you should use temporary user accounts and passwords, and restrict the rights of these temporary accounts as much as possible to limit the risk of this data being intercepted.